Community Reputation

About chaostic

Contact Methods

I have never been able to crack WPA2. If you have a video of you doing it or someone else I would love to see it. The recent WPA crack is a TKIP problem. WPA2 with TKIP has the same exact flaw. So WPA2(TKIP) is cracked. Since half of all WPA2 devices only have TKIP option, it is a big problem. WPA2 + AES has not been cracked. JFGI.

Un-flipping-believeable!!! The uuber-stupidity of this is that there are TWO attack vectors. Since anybody can sniff the BSSID, that's a no-brainer. But wait, there's more...the other vector is: Are you familiar with OUIDs? The first three octets are assigned by manufacturer by IEEE. http://standards.ieee.org/cgi-bin/ouisearch So if you know (or guess) the maker of the device, you've got the first, second, and third octets as a gimmee. For example, if the rocket-scientists at Verizon are using Actiontec, then 00:34:95 is going to be the first half of tens of thousands of pass-phrases. From there the rest of the pass-phrase is a simple six character combination of 0-9 and A-F. 470,184,984,576 combinations, or around 70 minutes at 500,000 PPS. In reality you would create a ~600mb rainbow table with the values pre-populated, and it would take less than 20 minutes (since mac addresses are pairs of hex digits, it would be a smaller pool). The blinding irony of this is that the keyspace for the AES encryption of WPA2 is gi-normous. Unless you're NASA with a room full of FPGAs, you are not going to ever get within a galaxy of brute-forcing AES. And yet, some Telco leaves the key under the mat..... With both WAP being cracked, and one version of WAP2 cracked as well, wtf is secure anymore? WEP/WAP/WAP2 is security against the inpatient and lazy, or the average freeloader. If someone wants in, etc. etc.

I assume this is the reason why if you send a file while talking to someone on skype, it sends at a miserably slow speed, i.e. bytes per second, but if you put the call on hold it does a good job of using up all your upload bandwidth? No. That is bandwidth throttling, QOS, packet prioritization/queuing. With things like vonage and hardware voice adaptors acting as another router that can ensure that it tries to use the most bandwidth that your network has for voice when you are trying to use voice. Also, some dsl connections (Don't know about cable) get degrading upload speeds if you are also downloading alot. Using both up and down is worse than using them individually.

OSx86 works fine on some netbooks. The Dell Mini9/VostroA90 where perfect for it. http://gadgets.boingboing.net/2008/12/17/osx-netbook-compatib.html The problem with 10.6 is that it is too new for a working x86 hack to be out and about yet. And with the large variety of netbooks, its a crapshoot.

Wouldn't three passwords be better? 1- Low Level Throw Away Web passwords 2- High Level Web passwords (banking) 3- Local passwords (Computer logins) Any network password can be found out, leaving your local computers at risk. Three passwords would prevent that. A further step would include a high level password for local encrypted files/access.

Agreed. Must be something to it, ever notice how junk mail or bills never seem to be post-marked anymore? An interesting experiment might be to take some BS mail you get, drop it off in a drop box across town, and see if it makes it's way back to you. If it does, it would have some interesting implications. Bulk mail is pre-sorted by the mailer, and essentially pre-paid by contract with the USPS. No need to post-mark digitally scannable mail.

Just giving you a warning. White hat or not, ""hacking"" is hacking, and can land you in jail if an over-zealous prosecutor or cop gets on your ass. And just like the chart that PS posted, some of that info is human readable. Just look at some of the mail stamped by that machine at your office, and you will see what the serial number of the machine is. Honestly, I thought that info to be pretty common knowledge in regards to barcodes and tracking of postage use.

Trying to Hack Government property Trying to defraud a Government organization Messing with the Postal Police All federal pmita prison offenses. Word to the weary, those machines tend to stamp the unique machine ID as well as the postage paid stamp. They do audit usage. You or the company that owns the machine would be caught eventually.

Most newer WRTs have a VXWorks platform instead of just linux, so it is harder to replace. Also, skimping on hardware options like flash and ram made full dd-wrt options impossible, so you get the mini packs. Eh.

So wrong, that "Wrong!" is not enough. http://www.dd-wrt.com/wiki/index.php/Supported_Devices http://www.dd-wrt.com/dd-wrtv3/dd-wrt/hardware.html dd-wrt runs on more routing hardware than toasters run linux and pornsites have popups.